upgrading kdc from 1.9 to 1.16, things to worry about?

Todd Grayson tgrayson at cloudera.com
Mon Dec 11 19:12:03 EST 2017


What OS distro are you working over for the KDC hosts., the schema is no
longer present in current distro specific packaging for openLDAP (that I
can find).

On Mon, Dec 11, 2017 at 12:50 PM, Chris Hecker <checker at d6.com> wrote:

> Ok, moving this over to the main list...
>
> Anybody else have any thoughts on the update below?
>
> Thanks,
> Chris
>
>
> On Mon, Dec 11, 2017 at 11:11 Greg Hudson <ghudson at mit.edu> wrote:
>
> > kerberos at mit.edu is better for questions like this.  Your plan seems
> > sound, with the proviso that I'm not an expert on OpenLDAP (or whatever
> > LDAP server you're using; 389ds also works with krb5, and likely
> > others).  So if there are potential issues with updating the schema, I
> > wouldn't know about them.  The new schema is indeed a superset of the
> > old one, with optional attributes added.
> >
> > On 12/09/2017 10:57 PM, Chris Hecker wrote:
> > > I need to update my kdc finally to get access to a couple new features,
> > and
> > > because duh.
> > >
> > > My KDC uses the LDAP backend.
> > >
> > > - I was not planning on updating slapd.
> > > - I was going to back up and everything, of course.
> > > - I assume I need to copy the latest kerberos.schema over. It looks
> like
> > > it's just a superset of the old one.
> > >
> > > Is there anything else I need to look out for you guys can think of
> when
> > > doing this update?
> > >
> > > I have some patches that add minor features I'll have to port once
> things
> > > are up and running smoothly, and I'll finally contribute them back like
> > > promised to this list and Greg 5 years ago.  Oops.
> > >
> > > Chris
> > > _______________________________________________
> > > krbdev mailing list             krbdev at mit.edu
> > > https://mailman.mit.edu/mailman/listinfo/krbdev
> > >
> >
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>



-- 
Todd Grayson
Business Operations Manager
Customer Operations Engineering
Security SME


More information about the Kerberos mailing list